The CVE-2019-1108 vulnerability and classified by Redmond’s safety team as’ Important’ was not yet allocated a CVSS v3.1 score. As part of their July 2019 patch on Tuesday, Microsoft originally revealed and patched the defect, along with 77 other vulnerabilities, 15 of which were categorized as’ critical.’
Exploitation more likely
“An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory,” says Microsoft’s advisory. “An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.” To exploit the safety problem of CVE-2019-1108, attackers should run a specially designed application on unpatched machines after remote connectivity to the impacted device. Microsoft resolved the fault by correcting the RDP customers’ initialization of the memory and thus eliminating the bug that would reveal uninitialized memory to attackers that effectively exploit the fault.
Microsoft Remote Desktop for Android The business claims it is more likely to exploit this weakness, which, as detailed in the Redmond Exploitability Index, implies: Microsoft analysis has shown that exploit code could be created in such a way that an attacker could consistently exploit this vulnerability. Moreover, Microsoft is aware of past instances of this type of vulnerability being exploited. This would make it an attractive target for attackers, and therefore more likely that exploits could be created. As such, customers who have reviewed the security update and determined its applicability within their environment should treat this with a higher priority.
Measures of mitigation
In order to fully protect Microsoft Remote Desktop against future attacks, Microsoft advised all Android clients installed on their devices to install the latest security update. Use the following operation to update Microsoft Remote Desktop for Android app to mitigate this safety flaw: